Hacker Selling Over 1 Million Decrypted Gmail and Yahoo Passwords On Dark Web

Hardly a day goes without headlines about any significant data breach. In past year, billions of accounts from popular sites and services, including LinkedIn, Tumblr, MySpace, Last.FM, Yahoo!, VK.com were exposed on the Internet.

Now, according to the recent news, login credentials and other personal data linked to more than one Million Yahoo and Gmail accounts are reportedly being offered for sale on the dark web marketplace.

The online accounts listed for sale on the Dark Web allegedly contain usernames, emails, and plaintext passwords. The accounts are not from a single data breach; instead, several major cyber-attacks believed to have been behind it.

The hacker going by the online handle 'SunTzu583' has listed a number of cracked email packages on a series of dark websites, HackRead reported.

The data listed for sale by SunTzu583 has not been independently verified by The Hacker News, but has reportedly been checked by matching it to the data on a number of data breach notification platforms, including Hacked-DB and HaveIBeenPwned.

Here's What All You Can Do:

Needless to say, you should immediately change almost all your account passwords at least once.

Also enable two-factor authentication for all your online accounts immediately.

And once again, a strong recommendation: Don't Reuse Passwords.

Also, you are recommended to change your password every few months, which limits how long a stolen password is useful to a hacker.

Since no one can remember and recreate strong passwords for every single online account regularly, the best practice is to use a good password manager. It will generate, store and change regularly strong, unique passwords for all your accounts.